Skip to main content

Admin Side Data Storage For Contact Form 7

5 CVEs product

Monthly

CVE-2024-1779 MEDIUM This Month

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the zt_dcfcf_change_status() function in. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Admin Side Data Storage For Contact Form 7
NVD VulDB
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-1778 MEDIUM This Month

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the zt_dcfcf_change_bookmark() function in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Admin Side Data Storage For Contact Form 7
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-1777 MEDIUM This Month

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Admin Side Data Storage For Contact Form 7
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-1776 HIGH This Week

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to SQL Injection via the 'form-id' parameter in all versions up to, and including, 1.1.1 due to insufficient escaping. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi WordPress Admin Side Data Storage For Contact Form 7
NVD VulDB
CVSS 3.1
7.2
EPSS
0.3%
CVE-2023-24420 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Admin Side Data Storage For Contact Form 7
NVD
CVSS 3.1
6.1
EPSS
0.4%
EPSS 0% CVSS 5.3
MEDIUM This Month

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the zt_dcfcf_change_status() function in. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Admin Side Data Storage For Contact Form 7
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the zt_dcfcf_change_bookmark() function in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Admin Side Data Storage For Contact Form 7
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Admin Side Data Storage For Contact Form 7
NVD VulDB
EPSS 0% CVSS 7.2
HIGH This Week

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to SQL Injection via the 'form-id' parameter in all versions up to, and including, 1.1.1 due to insufficient escaping. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi WordPress Admin Side Data Storage For Contact Form 7
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Admin Side Data Storage For Contact Form 7
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy